Known Issues

This topic lists known issues in Eucalyptus 4.2.1 and its
dependencies.

Please contact Eucalyptus Support for known workarounds to these issues.

New known issues for this release:

Issue

Description

Security group rules using instances Public IP are not enforced in
MANAGED mode (EUCA-11476)

Security group rules are enforced in the FORWARD chain, which is
processed before POSTROUTING (where SNAT happens). Thus, security group
rules that use instances public IP addresses will not match in FORWARD
chain (packets will have instances' private IP address in the FORWARD
chain). See linked bug for more information.

Instance Migration Fails when SELinux is enabled and is in Permissive
mode (EUCA-11803)

Instance migration fails when SELinux is enabled and is in permissive mode.

While running TEST-1905 for edge mode, it was discovered that
removing a public IP requires a cloud service restart while adding
public/private IPs, removing private IPs and changing the subnet does
not require a cloud service restart.

In VPC, an internal load balancer has ELB instances that is in a
private subnet without a public IP. That instance cannot reach ELB
service to retrieve information on the ELB, update its status, etc.,
without configuring a NAT instance in the VPC.

Workaround: None at
this time.

Non-default security group for ELB/VPC blocks ports for ELBs (EUCA-11374)

In VPC, all egress ports for non-default security groups are blocked.
When the non-default security group is used with the ELB, the ELB will
not be functional until the required ports are opened.

Workaround:
Use Euca2ools to run the following commands to authorize each of the
egress ports (TCP:8773 (Web service), UDP:53 (DNS), and UDP:123) for
the non-default security group: